Google: Nope, I am not evil!

2012-02-02 google, security

I just got an interesting mail for 3 of my domains:

Dear site owner or webmaster of [domain],

We recently discovered that some pages on your site look like a possible
phishing attack, in which users are encouraged to give up sensitive
information such as login credentials or banking information. We have removed
the suspicious URLs from Google.com search results and have begun showing a
warning page to users who visit these URLs in certain browsers that receive
anti-phishing data from Google.

Below are one or more example URLs on your site which may be part of a
phishing attack:

http://[domain]

Here is a link to a sample warning page:
http://www.google.com/interstitial?url=http%3A//[domain]

We strongly encourage you to investigate this immediately to protect users
who are being directed to a suspected phishing attack being hosted on your
web site. Although some sites intentionally host such attacks, in many cases
the webmaster is unaware because:

1) the site was compromised
2) the site doesn’t monitor for malicious user-contributed content

If your site was compromised, it’s important to not only remove the content
involved in the phishing attack, but to also identify and fix the
vulnerability that enabled such content to be placed on your site. We suggest
contacting your hosting provider if you are unsure of how to proceed.

Once you’ve secured your site, and removed the content involved in the
suspected phishing attack, or if you believe we have made an error and this
is not actually a phishing attack, you can request that the warning be
removed by visiting
http://www.google.com/safebrowsing/report_error/?tpl=emailer and reporting an
“incorrect forgery alert.” We will review this request and take the
appropriate actions.

Sincerely, Google Search Quality Team

Wow. That’s interesting. Those sites are absolutely not phishing sites; one of
them doesn’t even have a form on it! Does anyone have an idea how Google’s
algorithm works?

Luckily, dennis-schubert.de is not on the list of kicked-out domains. The
domains Google kicked out are just some kind of “private projects” nobody
should take care of. But that’s still interesting…